Government websites hit by cryptocurrency mining malware

Lora Ball |Monday, February 12, 2018

Image The code in purple is malicioius. Pic Scott Helme

A list of 4,200-plus affected websites can be found here: they include The City University of NY (cuny.edu), Uncle Sam's court information portal (uscourts.gov), Lund University (lu.se), the UK's Student Loans Company (slc.co.uk), privacy watchdog The Information Commissioner's Office (ico.org.uk) and the Financial Ombudsman Service (financial-ombudsman.org.uk), plus a shedload of other.gov.uk and.gov.au sites, UK NHS services, and other organisations across the globe.

An estimated 5,000 websites are estimated to be affected - raising fears that details entered when paying council tax or student loans could have been stolen.

The cryptojacking script was inserted into website codes through BrowseAloud, a popular plugin that helps blind and partially-sighted people access the web.

Texthelp, which operates BrowseAloud, took its entire website down on Sunday while it tried to resolve the problem.

Security researcher Scott Helme was alerted to the hack by a friend who sent him antivirus software warnings received after visiting a UK Government website.

Helme told Sky News "This type of attack isn't new - but this is the biggest I've seen".

This meant that rather than having the crypto-miner on one website, it was loaded onto thousands of websites running the Texthelp application, including several Australian government websites such as the Queensland government's legislation page; the Victorian parliament website; the Queensland Department of Education's website; and several local council websites in Victoria and WA.

Thousands of websites including ones run by the USA and United Kingdom governments secretly hijacked browsers to mine cryptocurrency thanks to a compromised plugin.

Thousands of websites including Britain's privacy watchdog were affected yesterday by a "cryptomining" attack, which can take over computers and use their processing power to generate digital currencies.

"At this stage there is nothing to suggest that members of the public are at risk".